<?php

require_once ABSPATH . '/system/sql.php';

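// Database handle from the project's MySQL singleton (presumably provided by
// system/sql.php). It is used below through a PDO-style API: prepare(),
// bindValue(), execute(), fetch(PDO::FETCH_ASSOC).
$sql_link = MySQL::getInstance();

// Declare the body as JSON. json_encode() does not escape '<' or '>' by
// default, so with PHP's default text/html type the stored profile strings
// returned below could be rendered as markup if the URL is opened directly.
if (!headers_sent()) {
    header('Content-Type: application/json; charset=utf-8');
}

// NOTE(review): both branches trust $GLOBALS['user_id'] as the authenticated
// user's id. Nothing in this file sets or checks it - confirm the including
// code derives it from the session and rejects unauthenticated requests
// before this script runs.

if (isset($_POST['name'])) {      // Update the current user's profile
    // NOTE(review): this state-changing branch (which can also replace the
    // password) checks no anti-CSRF token and does not ask for the current
    // password. Neither control is visible here - confirm both are enforced
    // upstream, or add them before the UPDATE.

    // Columns copied from the request. The values are stored as received.
    // TODO(review): validate format (email, MAC addresses) and length before
    // storing, especially if the MAC values feed any decision elsewhere.
    $fields = array('name', 'sex', 'email', 'institute', 'speciality', 'class', 'phone_mac', 'pc_mac');

    $values = array();
    $valid = true;
    foreach ($fields as $field) {
        // A missing field is bound as NULL, as the original bindParam() did.
        $value = isset($_POST[$field]) ? $_POST[$field] : null;
        // "field[]=x" arrives as an array; reject it instead of letting it
        // reach the statement as the string "Array".
        if (is_array($value)) {
            $valid = false;
            break;
        }
        $values[$field] = $value;
    }

    // Empty or absent 'pass' means "leave the password unchanged".
    $new_pass = isset($_POST['pass']) ? $_POST['pass'] : '';
    if (is_array($new_pass)) {
        $valid = false;
    }

    if (!$valid) {
        // NOTE(review): 400 / 'invalid parameter' are constructed here; align
        // them with the project's own error codes.
        $ret = array(
            'code' => 400,
            'msg' => 'invalid parameter',
        );
    } else {
        $change_pass = ($new_pass !== '');

        $sql_str = 'UPDATE users, user_infos SET ';
        if ($change_pass) {
            $sql_str .= 'users.pass = :pass, ';
        }
        $sql_str .= 'users.name = :name, user_infos.sex = :sex, users.email = :email, '
            . 'user_infos.institute = :institute, user_infos.speciality = :speciality, '
            . 'user_infos.class = :class, user_infos.phone_mac = :phone_mac, '
            . 'user_infos.pc_mac = :pc_mac '
            . 'WHERE users.id = :id AND users.id = user_infos.user_id';

        $res = $sql_link->prepare($sql_str);
        $ok = false;
        if ($res !== false) {
            $res->bindValue(':id', $GLOBALS['user_id']);
            if ($change_pass) {
                // Hash first, then bind the finished value. PASSWORD_DEFAULT
                // is currently bcrypt, which ignores input past 72 bytes.
                $res->bindValue(':pass', password_hash($new_pass, PASSWORD_DEFAULT));
            }
            foreach ($values as $field => $value) {
                $res->bindValue(':' . $field, $value);
            }
            // execute() returns false on failure unless the handle is in
            // exception mode; do not report success without checking it.
            $ok = $res->execute();
        }

        if ($ok) {
            $ret = array(
                'code' => 200,
                'msg' => 'ok',
            );
        } else {
            // NOTE(review): constructed error code/message; keep driver
            // error details in server logs, not in the response.
            $ret = array(
                'code' => 500,
                'msg' => 'update failed',
            );
        }
    }

} else {                          // Return the current user's profile

    $res = $sql_link->prepare(
        'SELECT user_infos.sex, users.email, user_infos.institute, user_infos.speciality, '
        . 'user_infos.class, user_infos.phone_mac, user_infos.pc_mac '
        . 'FROM users, user_infos '
        . 'WHERE users.id = :id AND users.id = user_infos.user_id'
    );

    $ok = false;
    if ($res !== false) {
        $res->bindValue(':id', $GLOBALS['user_id']);
        $ok = $res->execute();
    }

    if ($ok) {
        // fetch() yields false when no row matches; that value is passed
        // through unchanged in 'data', as before.
        $info_data = $res->fetch(PDO::FETCH_ASSOC);

        $ret = array(
            'code' => 200,
            'msg' => 'ok',
            'data' => $info_data
        );
    } else {
        // NOTE(review): constructed error code/message, see above.
        $ret = array(
            'code' => 500,
            'msg' => 'query failed',
        );
    }
}
echo json_encode($ret);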